Information Security Officer - Luxembourg - Business Training Luxembourg SA

Business Training Luxembourg SA

Entreprise vérifiée

Luxembourg

il y a 1 semaine

Posté par:

Jean Schmitz

Recruteur de beBee

Description

30 years of experience in high-end training

Business Training's experience is built on solid ground: we have been providing cutting-edge ICT training sessions for about 20 years. Originally, Business Training specialized in IT technical and end-user trainings (Windows, MS Office, etc.). A few years ago, our company widened the range of its training catalogue to also meet the increasing demand for best-of-breed management courses (PRINCE2, IPMA, ITIL, etc.).

Job description:

The Information Security Officer main responsibilities are to:
Support the implementation of new IT regulations, by performing gap analysis, action plan definition, implementation support and/or follow-up;
Participate with the second line of defence and local stakeholders in local and third parties risk assessments activities: assessing threats, mitigating controls, proposed controls, and their risk levels risk (Inherent, current and residual);
Collaborate with IT teams to ensure the integration of security measures in system designs and implementations;
Take part in the day-to-day IT security operations (digital certificate issuing, Non Personal account support, incident reports, incident management, etc.);
Follow-up and support security controls implementation the different IT Risk security domains: Foundations, Identity and Access Management, Change Management, Platform Security, Operational Resilience and Security Monitoring;
Take part in internal and external Audits;
Support other Security officers in their various activities;
Work with highly collaborative agile teams;
Maintain good working relations with the other bank teams;

Profile:

Competencies/Behaviour:

Ability to take initiatives and responsibilities;
Ability to adapt and anticipate;
Effective communication skills to convey security concepts to technical and non-technical stakeholders;
Rigor, precision;
Customer/result orientation;
Strong team spirit;
Ability to learn and transmit it;
Stay updated on emerging threats and security technologies to proactively enhance the organization's security posture;
Knowledge of banking environment is appreciated;

Skills:

Knowledge of security frameworks, standards, and best practices, such as ITIL, ISO27001, OWASP and PCI-DSS;

Experience with standard Security components:
Firewalls, proxies, DLP, Anti-virus, WAF, SIEM, etc;
Experience with third party contract management;
Experience with regulatory requirements analysis;

Experience with standard enterprise tools:
Office suite, ServiceNow, CMDB tools, etc.;
Scripting knowledge to automate recurring tasks, such as Perl, Python, etc.;
Knowledge of standard developments practices and tooling such as GIT and Azure pipeline;

Expérience:

Master degree in IT Security, IT Risk management or related domains;
At least 5 years of experience in IT Security related job (IT security officer, Information Risk Manager, IT Security governance consultant, etc.);
Related certifications such as CISSP, CISM or similar experience;

Languages:

A good knowledge of English and a conversational knowledge of French are required;